CVE-2023-29779 Information

Description

Sengled Dimmer Switch V0.0.9 contains a denial of service (DOS) vulnerability which allows a remote attacker to send malicious Zigbee messages to a vulnerable device and cause crashes. After receiving the malicious command the device will keep reporting its status and finally drain its battery after receiving the ‘Set_short_poll_interval’ command.

Reference

https://us.sengled.com/ https://github.com/iot-sec23/IoT-CVE/blob/main/Sengled%20Dimmer%20Switch%20Vulnerability%20Report.pdf